first firewall with pf

Michael K. Smith - Adhost mksmith at adhost.com
Thu Mar 26 09:33:41 PDT 2009


Hello Eric:


Hi everyone,

Can you provide a little more information about your topology?  Right now, you only have one interface defined in your rules, but you are attempting to pass traffic between two subnets.  That would suggest you have two interfaces and, if so, both need to be accounted for in your rules below.  You'll have to have pass/block rules for both.  It looks like this:

172.16.0.0/16 -> le0 <firewall> -> (some other interface) -> 10.0.0.0

Could you tell me if that is correct?

Thanks,

Mike

----- Original Message Snipped -----
Thanks for all your input so far. I have tried to implement all your suggestions but have gotten stuck. I set up a test machine in the office with the IP 10.0.0.110 and encountered the following problems:

When I enabled antispoofing, the firewall didn't work.

When I tried allowing the 10.0.0.0 subnet it worked OK, but when I tried connecting from machines on the 172.16 subnet I was unable to connect.

Can you please let me know what I'm doing wrong? 
----------------------------------------
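
The two-interface layout from the diagram in this message, sketched as a pf.conf (an added example, not a ruleset posted by anyone in the thread). The second interface name le1, the /24 mask on 10.0.0.0 and SSH as the permitted service are assumptions.

```conf
# Added example pf.conf sketch; not from the thread.
# Assumptions: second interface le1, 10.0.0.0/24 mask, SSH as the allowed service.

office_if  = "le0"            # faces 172.16.0.0/16 (from the diagram above)
server_if  = "le1"            # assumed name for "(some other interface)"
office_net = "172.16.0.0/16"
server_net = "10.0.0.0/24"    # assumed mask

set skip on lo0

# Default deny, logged so dropped packets show up on pflog0.
block log all

# antispoof expands to "block drop in on ! <if> from <if network>":
# a packet whose source is in an interface's network is dropped if it
# arrives on any other interface. Each interface listed here must be
# the one its subnet is really attached to.
antispoof log quick for { $office_if $server_if } inet

# A forwarded connection crosses the firewall twice, so it needs a
# pass rule on each interface: in on one side, out on the other.
pass in  on $office_if inet proto tcp from $office_net to $server_net port 22
pass out on $server_if inet proto tcp from $office_net to $server_net port 22
```

`pfctl -nf /etc/pf.conf` parses the file without loading it, and `tcpdump -n -e -i pflog0` shows which rule dropped a packet.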